Remove firewall rules from public servers

This commit is contained in:
Sam A. 2024-02-06 20:14:08 +01:00
parent 04b209a829
commit 0ecec60818
Signed by: samsapti
GPG key ID: CBBBE7371E81C4EA
2 changed files with 8 additions and 9 deletions

View file

@ -10,22 +10,22 @@
[pub_cloud]
sapt-labc-pub01
# [mon_cloud]
# sapt-labc-mon01
# [sec_cloud]
# sapt-labc-sec01
[cloud:children]
pub_cloud
# mon_cloud
# sec_cloud
[prx_shrd]
sapt-labr-prx01
# [mon_shrd]
# sapt-labr-mon01
[shared:children]
prx_shrd
# mon_shrd
[app_prod]
sapt-labp-app01
@ -58,15 +58,15 @@ mda_stage
[publicservers:children]
pub_cloud
# [monitorservers:children]
# mon_cloud
# [securityservers:children]
# sec_cloud
[proxyservers:children]
prx_shrd
# [monitorservers:children]
# mon_shrd
[appservers:children]
app_prod
app_stage

View file

@ -56,8 +56,7 @@
state: enabled
- name: Firewall rules for proxy & public servers
when: hostname in groups['proxyservers'] or
hostname in groups['publicservers']
when: hostname in groups['proxyservers']
notify: Reload firewalld
block:
- name: Allow incoming connections to HTTP port in zones 'public' and 'dmz'